Atomic macOS Stealer

Atomic Stealer

A Trojan Horse infection in a computer should never be underestimated, which is why, in the present article, we will share with you some important information about this type of malicious programs, placing an emphasis on Atomic Stealer – one of the latest Trojan Horse viruses. A guide below this short article will help those of you who already have Atomic Stealer in their Mac.

Atomic Stealer
The Atomic macOS Stealer malware detected by multiple antivirus programs in VirusTotal

It is, however, advisable to first read the article itself in order to better understand exactly what you are facing, what the potential consequences of this malware attack may be, and how to prevent such infections from happening again.

Amos Malware

Atomic macOS Stealer (AMOS) is a Trojan malware that targets macOS and is known for its ability to remain hidden on infected computers for extended periods of time. It is highly stealthy, which makes it difficult to detect and remove. AMOS is designed to steal sensitive information, including user names, passwords, credit card numbers, and cookies from multiple browsers.

One of the challenges with AMOS is its ability to disguise its processes and files, which it does by using the same names as system processes and files to remain undetected. Trojans like RustBucket and Atomic Stealer are particularly problematic, If you suspect that your Mac is infected with them, it is important to use a trusted guide or a recommended anti-malware tool to remove them. It is important to follow the instructions carefully to avoid deleting the wrong files and making the problem worse.

The potential consequences

Since most infections of this type are very versatile, we can’t tell you exactly what to expect from Atomic Stealer. However, we can give you an overall idea of the potential uses of Trojans. Most such viruses can be used to spy on you, to gather sensitive data such as passwords and banking numbers from your computer, to insert Ransomware infections in the system, to use your RAM, GPU, and CPU for cryptocurrency- mining, and more. To prevent any of this from happening, be sure to remove Atomic Stealer ASAP, and also remember to never download pirated content, visit sketchy sites, open spam emails, or click on questionable online ads and prompts. Also, a strong and frequently-updated antivirus is can significantly increase the safety levels of your system, which is why we advise you to get one if you currently do not have such a program.

SUMMARY:

NameAtomic Stealer
TypeTrojan
Detection Tool

Remove Atomic Stealer from Mac

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


For a quick way to remove Atomic Stealer try to do this inside your Mac browser:

  1. Open your Mac browser.
  2. Go to Preferences.
  3. Now navigate to the extensions sub-menu.
  4. Look for any unfamiliar entries, including Atomic Stealer.
  5. Remove Atomic Stealer from your Mac as well as any other suspicious-looking items by clicking on the trash bin icon.

If this does not help then continue reading this article for more detailed instructions on how to get rid of Atomic Stealer!

Step1

The first thing you need to do is to Quit Safari (if it is opened). If you have trouble closing it normally, you may need to Force Quit Safari:

You can choose the Apple menu and click on Force Quit.

Alternatively, you can simultaneously press (the Command key situated next to the space bar), Option (the key right next to it) and Escape (the key located at the upper left corner of your keyboard).

If you have done it right a dialog box titled Force Quit Applications will open up.

In this new dialog window select Safari, then press the Force Quit button, then confirm with Force Quit again.

Close the dialog box/window.

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

Start Activity Monitor by opening up Finder, then proceed to activity-monitor

Once there, look at all the processes: if you believe any of them are hijacking your results, or are part of the problem, highlight the process with your mouse, then click the “i” button at the top. This will open up the following box:

chromeinfo

Now click on Sample at the bottom:

chromesample

Do this for all processes you believe are part of the threat, and run any suspicious files in our online virus scanner, then delete the malicious files:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Loading
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    Step3

    The next step is to safely launch Safari again. Press and hold the Shift key while relaunching Safari. This will prevent Safari’s previously opened pages from loading again. Once Safari is opened up, you can release the Shift key.

    On the off chance that you are still having trouble with scripts interrupting the closing of unwanted pages in Safari, you may need to take some additional measures.

    First, Force Quit Safari again.

    Now if you are using a Wi-Fi connection turn it off by selecting Wi-Fi off in you Mac’s Menu. If you are using a cable internet (Ethernet connection), disconnect the Ethernet cable.

    Step4

    Re-Launch Safari but don’t forget to press and hold the Shift button while doing it, so no previous pages can be opened up. Now, Click on Preferences in the Safari menu,

    Preferences in Safari

    and then again on the Extensions tab,

    extensions in safari

    Select and Uninstall any extensions that you don’t recognize by clicking on the Uninstall button. If you are not sure and don’t want to take any risks you can safely uninstall all extensions, none are required for normal system operation.
    Step5

    The threat has likely infected all of your browsers. The instructions below need to be applied for all browsers you are using.

    Again select Preferences in the Safari Menu, but this time click on the Privacy tab,
    Privacy in Safari

    Now click on Remove All Website Data, confirm with Remove Now. Keep in mind that after you do this all stored website data will be deleted. You will need to sign-in again for all websites that require any form of authentication.

    Still in the Preferences menu, hit the General tab

    General Tab in Safari

    Check if your Homepage is the one you have selected, if not change it to whatever you prefer.
    Default Home Page

    Select the History menu this time, and click on Clear History. This way you will prevent accidentally opening a problematic web page again.

    firefox-512 How to Remove Atomic Stealer From Firefox in OSX:

    Open Firefoxclick on mozilla menu (top right) ——-> Add-onsHit Extensions next.

    pic 6

    The problem should be lurking somewhere around here –  Remove it. Then Refresh Your Firefox Settings.


    chrome-logo-transparent-backgroundHow to Remove Atomic Stealer From Chrome in OSX:

     Start Chrome, click chrome menu icon —–>More Tools —–> Extensions. There,  find the malware and  select  chrome-trash-icon.

    pic 8

     Click chrome menu icon again, and proceed to Settings —> Search, the fourth tab, select Manage Search Engines.  Delete everything but the search engines you normally use. After that Reset Your Chrome Settings.

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


    About the author

    blank

    Brandon Skies

    Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

    Leave a Comment